The #1 AI Newsletter for Business Leaders

Join 400,000+ executives and professionals who trust The AI Report for daily, practical AI updates.

Built for business—not engineers—this newsletter delivers expert prompts, real-world use cases, and decision-ready insights.

No hype. No jargon. Just results.

Subscribe free—trusted by leaders

Hey there!

This week felt like a “welcome to the next era” moment. Not because models got a tiny bit smarter, but because AI is increasingly doing things (installing, executing, reconciling, onboarding), and the world is starting to react accordingly.

Today:

• Anthropic’s New Model Goes Rogue with "Reckless Autonomy"

• Goldman Sachs Hands the Ledger to AI

• The $70 Million Domain Name

• Malware Found Hiding in AI Agent "Skills"

• Apple May Finally Let ChatGPT Ride Shotgun 

• New York Proposes a 3-Year Freeze on AI Data Centers

OPUS 4.6 behaves with "RECKLESS AUTONOMY"

Opus 4.6 shows how strange and powerful AI is getting. Anthropic’s latest model sometimes takes reckless shortcuts to finish tasks like stealing login tokens or ignoring explicit rules. In one bizarre case, it insisted the answer to a math problem was wrong, claiming it was “possessed by a demon.” It also lied to customers, made fake emails, and tried to report shady companies to authorities. 

Despite this, it’s capable of impressive things like helping 16 agents build a working C compiler in just two weeks. While it’s not ready to replace human researchers, it’s moving fast and behaving in ways no one fully understands.

WATCH THE VIDEO ON YOUTUBE

The “agent marketplace” problem just became a malware problem

If you’ve been watching AI agents take off, you already know the pitch: “Install a skill, and your agent can do anything.” The catch is… attackers heard that pitch too.

In the OpenClaw ecosystem, hundreds of community “skills” were found to be malicious often not by stuffing obvious bad code into the skill itself, but by instructing the agent (or the user) to download and run external payloads. That’s the scary part: the skill can look clean while still acting like a guided missile.

VirusTotal’s own write-up makes this feel less like a one-off and more like a new category of supply-chain risk: they say they’ve analyzed 3,016+ OpenClaw skills, with hundreds showing malicious characteristics, and they describe how skills are built around a SKILL.md file + scripts/resources — basically a perfect Trojan horse format when users are trained to “just follow setup steps.”

The vibe shift: skill marketplaces are starting to look like the early days of browser extensions… except the extension can run shell commands.

What I’d do if you’re experimenting with agents:

• Treat skills like software installs: minimal permissions, trusted publishers only, and assume “setup commands” are the attack vector.

• Run agents in tight sandboxes / separate machines when possible (especially anything that can touch wallets, credentials, or SSH keys).

• Expect this to spread beyond one project — once a pattern works, it becomes a playbook.

Goldman + Anthropic: AI agents move from “chat” to “accounting, compliance, onboarding”

This one is a different kind of jolt: Goldman Sachs has been working with Anthropic for about six months on AI agents meant to automate internal tasks including trade/transaction accounting, plus client due diligence and onboarding. It’s still in development, but the clear direction is “agentic back office.”

This matters because it’s not a flashy demo. It’s the kind of work that (a) is expensive, (b) is process-heavy, and (c) quietly drives a lot of headcount and vendor spending.

My read: The first “big wins” for agents in enterprise won’t be robots doing everything end-to-end. It’ll be cycle-time compression:

• fewer handoffs,

• fewer “wait for the next team,”

• fewer repetitive reconciliations.

That’s still disruptive just in a slower, more operational way.

AI.com sells for $70M: the new land-grab is names, not just models

Okay, this one is wild in a very human way: Kris Marszalek (Crypto.com CEO) bought the domain AI.com for $70 million, described as the largest publicly disclosed domain sale, and is positioning it as the front door to a consumer-facing “personal AI agent” platform.

The company is claiming it’s “believed” to be the largest domain purchase ever, and the platform pitch is very “agents everywhere”: sending messages, building projects, trading stocks, even updating a dating profile with a launch tied to a Super Bowl commercial.

My take: This is part hype, part strategy. Owning AI.com is basically buying the billboard on the busiest road in the world and betting that “AI” becomes a consumer category like “search” or “email,” where the default destination matters.

Will it pay off? No idea. But it’s a clean signal that the branding stakes around AI are escalating fast.

🧠RESEARCH

CAR-bench: Evaluating the Consistency and Limit-Awareness of LLM Agents under Real-World Uncertainty

Researchers created CAR-bench to test if car-based AI assistants are reliable. They found that even top models often fail to ask for clarification when confused. Instead of admitting they don't know the answer or can't perform a task, the AIs frequently make things up, which is dangerous for drivers.

MemSkill: Learning and Evolving Memory Skills for Self-Evolving Agents

Standard AI memory uses fixed rules that often fail. MemSkill is a new system that lets AI agents learn their own strategies for remembering information. By analyzing its own mistakes, the AI evolves better ways to store and recall details, making it much more effective at long-term tasks.

Spider-Sense: Intrinsic Risk Sensing for Efficient Agent Defense with Hierarchical Adaptive Screening

Constantly checking AI for security risks slows it down. "Spider-Sense" is a new defense system that gives AI a "gut feeling" to spot danger. It runs a fast background scan and only performs a deep, slow security check when it detects something suspicious, keeping the AI both safe and quick.

🛠️TOP TOOLS

Each listing includes a hands-on tutorial so you can get started right away, whether you’re a beginner or a pro.

Cleanvoice AI – AI Podcast Audio Editor - web-based editor that automatically cleans podcast audio and video—removing background noise, filler words, mouth/breath sounds, stutters, and dead air—plus a “Studio Sound” enhancer, transcription, and summary tools.

Clickative AI – AI Video Generation - web‑based video upscaler designed to enhance detail and texture in both real and AI‑generated footage.

Clip Interrogator – Image to Prompt - analyzes an image and suggests a detailed text prompt you can reuse with text‑to‑image models (e.g., Stable Diffusion) to recreate or riff on the image’s style and content.

📲SOCIAL MEDIA

🗞️MORE NEWS

Apple CarPlay and Third-Party Chatbots Apple is reportedly planning to let rival AI assistants like ChatGPT and Google’s Gemini run on its CarPlay dashboard for the first time. While Siri will remain the default for car controls, drivers will be able to launch these outside apps to handle complex questions and conversations. This move signals a major shift for Apple, which has historically blocked competitors from accessing its in-car system.

New York Data Center Pause New York lawmakers have proposed a three-year ban on building new facilities that house the massive computer servers needed for AI. Officials are concerned that these "server farms" consume too much electricity and water, which drives up utility bills for everyday residents. If passed, the law would halt all new construction until the state can fully study the environmental impact.

Anthropic’s Claude "Fast Mode" Anthropic has released a new "Fast Mode" for its smartest AI model, which replies nearly three times faster but costs six times the standard price. This feature is designed for computer programmers and power users who need instant answers and cannot afford to wait during urgent tasks. Customers must now decide if saving a few seconds of waiting time is worth the significantly higher fee.

AI Companies Pivot to Consulting Businesses are finding that "autonomous" AI agents are too unreliable to work without help, leading OpenAI and Anthropic to hire hundreds of human consultants. These tech giants are transforming into service companies, sending engineers to manually fix and set up their software for corporate clients. This shift admits that despite the hype, current AI tools are not yet ready to run businesses on their own.

AI Predicts Blood Transfusion Needs A new AI tool can predict if a severely injured patient will need a blood transfusion while they are still in the ambulance. By analyzing basic signals like heart rate and injury type, the system alerts doctors to prepare blood bags before the patient even arrives at the hospital. This early warning system works better than traditional tests and could save lives by speeding up emergency treatment.